Which of the following code snippets should the developer implement given the above transaction logs?

A developer is reviewing the following transaction logs from a web application:
Username: John Doe
Street name: Main St.
Street number: <script>alert(‘test’)</alert>
Which of the following code snippets should the developer implement given the above transaction logs?
A. if ($input != strcmp($var1, "<>")) {die();}
B. <form name ="form1" action="/submit.php" onsubmit="return validate()" action=POST>
C. $input=strip_tags(trim($_POST[‘var1’]));
D. <html><form name="myform" action="www.server.com/php/submit.php action=GET"

How to PASS CAS-004 in First Attempt?

FULL Printable PDF and Software. VALID exam to help you PASS.

comptia-exams

2 thoughts on “Which of the following code snippets should the developer implement given the above transaction logs?

    1. Agreed.

      It is important to notice that this function (strip_tags), in real life, is not the most adequate to prevent XSS attacks, as seen in PHP manual: “Warning: This function should not be used to try to prevent XSS attacks. Use more appropriate functions like htmlspecialchars() or other means depending on the context of the output.”.

      Source: https://www.php.net/manual/en/function.strip-tags.php

      6
      1

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.